Least Privilege | AC-6
Description
- Accounts must be created with a baseline appropriate for the category of (For example, MCC Users receive a minimum level of access to information resources approved for all employees).
- Information Resource Custodians are responsible for ensuring that access is given to the minimum degree necessary for users to accomplish assigned tasks.
- Administrator and special access accounts are only authorized to perform limited privileged access tasks, such as system maintenance and administration.
- Information Resource Owners or their designees are responsible for ensuring that users with administrative accounts are aware of the extraordinary responsibilities associated with the use of privileged accounts.
- Privileges should be escalated only when necessary to accomplish assigned tasks.
Last updated: 3/11/2024
Contact Hours
Questions?